Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
===========================================================================
AUSCERT External Security Bulletin Redistribution
ESB-2020.1488
exiv2 security, bug fix, and enhancement update
29 April 2020
===========================================================================
AusCERT Security Bulletin Summary
---------------------------------
Product: exiv2
Publisher: Red Hat
Operating System: Red Hat
Impact/Access: Denial of Service -- Remote/Unauthenticated
Access Confidential Data -- Remote with User Interaction
Resolution: Patch/Upgrade
CVE Names: CVE-2019-20421 CVE-2019-13114 CVE-2019-13113
CVE-2019-13112 CVE-2019-13111 CVE-2019-13109
CVE-2019-9143 CVE-2018-20099 CVE-2018-20098
CVE-2018-20097 CVE-2018-20096 CVE-2018-19607
CVE-2018-19535 CVE-2018-19108 CVE-2018-19107
CVE-2018-18915 CVE-2018-17581 CVE-2018-17282
CVE-2018-17230 CVE-2018-17229 CVE-2018-14338
CVE-2018-11037 CVE-2018-10772 CVE-2018-9306
CVE-2018-9305 CVE-2018-9304 CVE-2018-9303
CVE-2018-4868 CVE-2017-18005
Reference: ESB-2020.1209
ESB-2020.1203
ESB-2020.0433
ESB-2019.3003
Original Bulletin:
https://access.redhat.com/errata/RHSA-2020:1577
- --------------------------BEGIN INCLUDED TEXT--------------------
- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
=====================================================================
Red Hat Security Advisory
Synopsis: Moderate: exiv2 security, bug fix, and enhancement update
Advisory ID: RHSA-2020:1577-01
Product: Red Hat Enterprise Linux
Advisory URL: https://access.redhat.com/errata/RHSA-2020:1577
Issue date: 2020-04-28
CVE Names: CVE-2017-18005 CVE-2018-4868 CVE-2018-9303
CVE-2018-9304 CVE-2018-9305 CVE-2018-9306
CVE-2018-10772 CVE-2018-11037 CVE-2018-14338
CVE-2018-17229 CVE-2018-17230 CVE-2018-17282
CVE-2018-17581 CVE-2018-18915 CVE-2018-19107
CVE-2018-19108 CVE-2018-19535 CVE-2018-19607
CVE-2018-20096 CVE-2018-20097 CVE-2018-20098
CVE-2018-20099 CVE-2019-9143 CVE-2019-13109
CVE-2019-13111 CVE-2019-13112 CVE-2019-13113
CVE-2019-13114 CVE-2019-20421
=====================================================================
1. Summary:
An update for exiv2, gegl, gnome-color-manager, and libgexiv2 is now
available for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact
of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available for each vulnerability from
the CVE link(s) in the References section.
2. Relevant releases/architectures:
Red Hat CodeReady Linux Builder (v. 8) - aarch64, noarch, ppc64le, s390x, x86_64
Red Hat Enterprise Linux AppStream (v. 8) - aarch64, ppc64le, s390x, x86_64
3. Description:
The exiv2 packages provide a command line utility which can display and
manipulate image metadata such as EXIF, LPTC, and JPEG comments.
The following packages have been upgraded to a later upstream version:
exiv2 (0.27.2). (BZ#1651917)
Security Fix(es):
* exiv2: infinite loop and hang in Jp2Image::readMetadata() in jp2image.cpp
could lead to DoS (CVE-2019-20421)
* exiv2: null pointer dereference in the Exiv2::DataValue::toLong function
in value.cpp (CVE-2017-18005)
* exiv2: Excessive memory allocation in Exiv2::Jp2Image::readMetadata
function in jp2image.cpp (CVE-2018-4868)
* exiv2: assertion failure in BigTiffImage::readData in bigtiffimage.cpp
(CVE-2018-9303)
* exiv2: divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp
(CVE-2018-9304)
* exiv2: out of bounds read in IptcData::printStructure in iptc.c
(CVE-2018-9305)
* exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via
crafted file (CVE-2018-10772)
* exiv2: information leak via a crafted file (CVE-2018-11037)
* exiv2: buffer overflow in samples/geotag.cpp (CVE-2018-14338)
* exiv2: heap-based buffer overflow in Exiv2::d2Data in types.cpp
(CVE-2018-17229)
* exiv2: heap-based buffer overflow in Exiv2::ul2Data in types.cpp
(CVE-2018-17230)
* exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp
leading to application crash (CVE-2018-17282)
* exiv2: Stack overflow in CiffDirectory::readDirectory() at
crwimage_int.cpp leading to denial of service (CVE-2018-17581)
* exiv2: infinite loop in Exiv2::Image::printIFDStructure function in
image.cpp (CVE-2018-18915)
* exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in
iptc.cpp (CVE-2018-19107)
* exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp
(CVE-2018-19108)
* exiv2: heap-based buffer over-read in PngChunk::readRawProfile in
pngchunk_int.cpp (CVE-2018-19535)
* exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp
(CVE-2018-19607)
* exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function
resulting in a denial of service (CVE-2018-20096)
* exiv2: Segmentation fault in
Exiv2::Internal::TiffParserWorker::findPrimaryGroups function
(CVE-2018-20097)
* exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header
resulting in a denial of service (CVE-2018-20098)
* exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a
denial of service (CVE-2018-20099)
* exiv2: infinite recursion in Exiv2::Image::printTiffStructure in file
image.cpp resulting in denial of service (CVE-2019-9143)
* exiv2: denial of service in PngImage::readMetadata (CVE-2019-13109)
* exiv2: integer overflow in WebPImage::decodeChunks leads to denial of
service (CVE-2019-13111)
* exiv2: uncontrolled memory allocation in PngChunk::parseChunkContent
causing denial of service (CVE-2019-13112)
* exiv2: invalid data location in CRW image file causing denial of service
(CVE-2019-13113)
* exiv2: null-pointer dereference in http.c causing denial of service
(CVE-2019-13114)
* exiv2: out of bounds read in IptcData::printStructure in iptc.c
(CVE-2018-9306)
For more details about the security issue(s), including the impact, a CVSS
score, acknowledgments, and other related information, refer to the CVE
page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat
Enterprise Linux 8.2 Release Notes linked from the References section.
4. Solution:
For details on how to apply this update, which includes the changes
described in this advisory, refer to:
https://access.redhat.com/articles/11258
5. Bugs fixed (https://bugzilla.redhat.com/):
1531171 - CVE-2017-18005 exiv2: null pointer dereference in the Exiv2::DataValue::toLong function in value.cpp
1531724 - CVE-2018-4868 exiv2: Excessive memory allocation in Exiv2::Jp2Image::readMetadata function in jp2image.cpp
1566725 - CVE-2018-9303 exiv2: assertion failure in BigTiffImage::readData in bigtiffimage.cpp
1566731 - CVE-2018-9304 exiv2: divide by zero in BigTiffImage::printIFD in bigtiffimage.cpp
1566735 - CVE-2018-9305 exiv2: out of bounds read in IptcData::printStructure in iptc.c
1566737 - CVE-2018-9306 exiv2: out of bounds read in IptcData::printStructure in iptc.c
1579544 - CVE-2018-11037 exiv2: information leak via a crafted file
1594627 - CVE-2018-10772 exiv2: OOB read in pngimage.cpp:tEXtToDataBuf() allows for crash via crafted file
1609396 - CVE-2018-14338 exiv2: buffer overflow in samples/geotag.cpp
1632481 - CVE-2018-17229 exiv2: heap-based buffer overflow in Exiv2::d2Data in types.cpp
1632484 - CVE-2018-17230 exiv2: heap-based buffer overflow in Exiv2::ul2Data in types.cpp
1632490 - CVE-2018-17282 exiv2: NULL pointer dereference in Exiv2::DataValue::copy in value.cpp leading to application crash
1635045 - CVE-2018-17581 exiv2: Stack overflow in CiffDirectory::readDirectory() at crwimage_int.cpp leading to denial of service
1646555 - CVE-2018-18915 exiv2: infinite loop in Exiv2::Image::printIFDStructure function in image.cpp
1649094 - CVE-2018-19107 exiv2: heap-based buffer over-read in Exiv2::IptcParser::decode in iptc.cpp
1649101 - CVE-2018-19108 exiv2: infinite loop in Exiv2::PsdImage::readMetadata in psdimage.cpp
1651917 - Rebase exiv2 to 0.27.2
1656187 - CVE-2018-19535 exiv2: heap-based buffer over-read in PngChunk::readRawProfile in pngchunk_int.cpp
1656195 - CVE-2018-19607 exiv2: NULL pointer dereference in Exiv2::isoSpeed in easyaccess.cpp
1660423 - CVE-2018-20096 exiv2: Heap-based buffer over-read in Exiv2::tEXtToDataBuf function resulting in a denial of service
1660424 - CVE-2018-20097 exiv2: Segmentation fault in Exiv2::Internal::TiffParserWorker::findPrimaryGroups function
1660425 - CVE-2018-20098 exiv2: Heap-based buffer over-read in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service
1660426 - CVE-2018-20099 exiv2: Infinite loop in Exiv2::Jp2Image::encodeJp2Header resulting in a denial of service
1684381 - CVE-2019-9143 exiv2: infinite recursion in Exiv2::Image::printTiffStructure in file image.cpp resulting in denial of service
1728484 - CVE-2019-13109 exiv2: denial of service in PngImage::readMetadata
1728488 - CVE-2019-13111 exiv2: integer overflow in WebPImage::decodeChunks leads to denial of service
1728490 - CVE-2019-13112 exiv2: uncontrolled memory allocation in PngChunk::parseChunkContent causing denial of service
1728492 - CVE-2019-13113 exiv2: invalid data location in CRW image file causing denial of service
1728494 - CVE-2019-13114 exiv2: null-pointer dereference in http.c causing denial of service
1757444 - Rebuild against exiv2-0.27.2
1757445 - Rebuild against exiv2-0.27.2
1767748 - rebuild gegl against new exiv2
1800472 - CVE-2019-20421 exiv2: infinite loop and hang in Jp2Image::readMetadata() in jp2image.cpp could lead to DoS
6. Package List:
Red Hat Enterprise Linux AppStream (v. 8):
Source:
exiv2-0.27.2-5.el8.src.rpm
gegl-0.2.0-39.el8.src.rpm
gnome-color-manager-3.28.0-3.el8.src.rpm
libgexiv2-0.10.8-4.el8.src.rpm
aarch64:
exiv2-0.27.2-5.el8.aarch64.rpm
exiv2-debuginfo-0.27.2-5.el8.aarch64.rpm
exiv2-debugsource-0.27.2-5.el8.aarch64.rpm
exiv2-libs-0.27.2-5.el8.aarch64.rpm
exiv2-libs-debuginfo-0.27.2-5.el8.aarch64.rpm
gegl-0.2.0-39.el8.aarch64.rpm
gegl-debuginfo-0.2.0-39.el8.aarch64.rpm
gegl-debugsource-0.2.0-39.el8.aarch64.rpm
libgexiv2-0.10.8-4.el8.aarch64.rpm
libgexiv2-debuginfo-0.10.8-4.el8.aarch64.rpm
libgexiv2-debugsource-0.10.8-4.el8.aarch64.rpm
ppc64le:
exiv2-0.27.2-5.el8.ppc64le.rpm
exiv2-debuginfo-0.27.2-5.el8.ppc64le.rpm
exiv2-debugsource-0.27.2-5.el8.ppc64le.rpm
exiv2-libs-0.27.2-5.el8.ppc64le.rpm
exiv2-libs-debuginfo-0.27.2-5.el8.ppc64le.rpm
gegl-0.2.0-39.el8.ppc64le.rpm
gegl-debuginfo-0.2.0-39.el8.ppc64le.rpm
gegl-debugsource-0.2.0-39.el8.ppc64le.rpm
gnome-color-manager-3.28.0-3.el8.ppc64le.rpm
gnome-color-manager-debuginfo-3.28.0-3.el8.ppc64le.rpm
gnome-color-manager-debugsource-3.28.0-3.el8.ppc64le.rpm
libgexiv2-0.10.8-4.el8.ppc64le.rpm
libgexiv2-debuginfo-0.10.8-4.el8.ppc64le.rpm
libgexiv2-debugsource-0.10.8-4.el8.ppc64le.rpm
s390x:
gegl-0.2.0-39.el8.s390x.rpm
gegl-debuginfo-0.2.0-39.el8.s390x.rpm
gegl-debugsource-0.2.0-39.el8.s390x.rpm
x86_64:
exiv2-0.27.2-5.el8.x86_64.rpm
exiv2-debuginfo-0.27.2-5.el8.i686.rpm
exiv2-debuginfo-0.27.2-5.el8.x86_64.rpm
exiv2-debugsource-0.27.2-5.el8.i686.rpm
exiv2-debugsource-0.27.2-5.el8.x86_64.rpm
exiv2-libs-0.27.2-5.el8.i686.rpm
exiv2-libs-0.27.2-5.el8.x86_64.rpm
exiv2-libs-debuginfo-0.27.2-5.el8.i686.rpm
exiv2-libs-debuginfo-0.27.2-5.el8.x86_64.rpm
gegl-0.2.0-39.el8.i686.rpm
gegl-0.2.0-39.el8.x86_64.rpm
gegl-debuginfo-0.2.0-39.el8.i686.rpm
gegl-debuginfo-0.2.0-39.el8.x86_64.rpm
gegl-debugsource-0.2.0-39.el8.i686.rpm
gegl-debugsource-0.2.0-39.el8.x86_64.rpm
gnome-color-manager-3.28.0-3.el8.x86_64.rpm
gnome-color-manager-debuginfo-3.28.0-3.el8.x86_64.rpm
gnome-color-manager-debugsource-3.28.0-3.el8.x86_64.rpm
libgexiv2-0.10.8-4.el8.i686.rpm
libgexiv2-0.10.8-4.el8.x86_64.rpm
libgexiv2-debuginfo-0.10.8-4.el8.i686.rpm
libgexiv2-debuginfo-0.10.8-4.el8.x86_64.rpm
libgexiv2-debugsource-0.10.8-4.el8.i686.rpm
libgexiv2-debugsource-0.10.8-4.el8.x86_64.rpm
Red Hat CodeReady Linux Builder (v. 8):
Source:
exiv2-0.27.2-5.el8.src.rpm
libgexiv2-0.10.8-4.el8.src.rpm
aarch64:
exiv2-debuginfo-0.27.2-5.el8.aarch64.rpm
exiv2-debugsource-0.27.2-5.el8.aarch64.rpm
exiv2-devel-0.27.2-5.el8.aarch64.rpm
exiv2-libs-debuginfo-0.27.2-5.el8.aarch64.rpm
libgexiv2-debuginfo-0.10.8-4.el8.aarch64.rpm
libgexiv2-debugsource-0.10.8-4.el8.aarch64.rpm
libgexiv2-devel-0.10.8-4.el8.aarch64.rpm
noarch:
exiv2-doc-0.27.2-5.el8.noarch.rpm
ppc64le:
exiv2-debuginfo-0.27.2-5.el8.ppc64le.rpm
exiv2-debugsource-0.27.2-5.el8.ppc64le.rpm
exiv2-devel-0.27.2-5.el8.ppc64le.rpm
exiv2-libs-debuginfo-0.27.2-5.el8.ppc64le.rpm
libgexiv2-debuginfo-0.10.8-4.el8.ppc64le.rpm
libgexiv2-debugsource-0.10.8-4.el8.ppc64le.rpm
libgexiv2-devel-0.10.8-4.el8.ppc64le.rpm
s390x:
exiv2-0.27.2-5.el8.s390x.rpm
exiv2-debuginfo-0.27.2-5.el8.s390x.rpm
exiv2-debugsource-0.27.2-5.el8.s390x.rpm
exiv2-devel-0.27.2-5.el8.s390x.rpm
exiv2-libs-0.27.2-5.el8.s390x.rpm
exiv2-libs-debuginfo-0.27.2-5.el8.s390x.rpm
libgexiv2-0.10.8-4.el8.s390x.rpm
libgexiv2-debuginfo-0.10.8-4.el8.s390x.rpm
libgexiv2-debugsource-0.10.8-4.el8.s390x.rpm
libgexiv2-devel-0.10.8-4.el8.s390x.rpm
x86_64:
exiv2-debuginfo-0.27.2-5.el8.i686.rpm
exiv2-debuginfo-0.27.2-5.el8.x86_64.rpm
exiv2-debugsource-0.27.2-5.el8.i686.rpm
exiv2-debugsource-0.27.2-5.el8.x86_64.rpm
exiv2-devel-0.27.2-5.el8.i686.rpm
exiv2-devel-0.27.2-5.el8.x86_64.rpm
exiv2-libs-debuginfo-0.27.2-5.el8.i686.rpm
exiv2-libs-debuginfo-0.27.2-5.el8.x86_64.rpm
libgexiv2-debuginfo-0.10.8-4.el8.i686.rpm
libgexiv2-debuginfo-0.10.8-4.el8.x86_64.rpm
libgexiv2-debugsource-0.10.8-4.el8.i686.rpm
libgexiv2-debugsource-0.10.8-4.el8.x86_64.rpm
libgexiv2-devel-0.10.8-4.el8.i686.rpm
libgexiv2-devel-0.10.8-4.el8.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and
details on how to verify the signature are available from
https://access.redhat.com/security/team/key/
7. References:
https://access.redhat.com/security/cve/CVE-2017-18005
https://access.redhat.com/security/cve/CVE-2018-4868
https://access.redhat.com/security/cve/CVE-2018-9303
https://access.redhat.com/security/cve/CVE-2018-9304
https://access.redhat.com/security/cve/CVE-2018-9305
https://access.redhat.com/security/cve/CVE-2018-9306
https://access.redhat.com/security/cve/CVE-2018-10772
https://access.redhat.com/security/cve/CVE-2018-11037
https://access.redhat.com/security/cve/CVE-2018-14338
https://access.redhat.com/security/cve/CVE-2018-17229
https://access.redhat.com/security/cve/CVE-2018-17230
https://access.redhat.com/security/cve/CVE-2018-17282
https://access.redhat.com/security/cve/CVE-2018-17581
https://access.redhat.com/security/cve/CVE-2018-18915
https://access.redhat.com/security/cve/CVE-2018-19107
https://access.redhat.com/security/cve/CVE-2018-19108
https://access.redhat.com/security/cve/CVE-2018-19535
https://access.redhat.com/security/cve/CVE-2018-19607
https://access.redhat.com/security/cve/CVE-2018-20096
https://access.redhat.com/security/cve/CVE-2018-20097
https://access.redhat.com/security/cve/CVE-2018-20098
https://access.redhat.com/security/cve/CVE-2018-20099
https://access.redhat.com/security/cve/CVE-2019-9143
https://access.redhat.com/security/cve/CVE-2019-13109
https://access.redhat.com/security/cve/CVE-2019-13111
https://access.redhat.com/security/cve/CVE-2019-13112
https://access.redhat.com/security/cve/CVE-2019-13113
https://access.redhat.com/security/cve/CVE-2019-13114
https://access.redhat.com/security/cve/CVE-2019-20421
https://access.redhat.com/security/updates/classification/#moderate
https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/8/html/8.2_release_notes/index
8. Contact:
The Red Hat security contact is <secalert@redhat.com>. More contact
details at https://access.redhat.com/security/team/contact/
Copyright 2020 Red Hat, Inc.
- -----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIVAwUBXqhVrdzjgjWX9erEAQhEshAAjydQ7MWvHPf96Bzo5YqL2h5BRGMLU7UI
m1271qcbiAnNu42MAXPETuY/BEX4nz12nDACRDDeLnI2jHFtus3CSO8JEq0/nI31
54SwqHwAEa1AmRArR6PkV97bL+c+P2AO0Rg+L17WsrClAE/pfHDHHtGEosIUawtW
6Wfn0pAU4mXrDK/GodMRje/l+JvbP9GGQZfM5OQ9K1eMZ+JOZydnnubp5ZWUa4jp
hh7Acbxs75HTf0ZzXGRKOWiEuv9yKfi/pjbokmtW3wGCH3v61Heyufb2JUsNqgj5
KRTHSRFUX3UqjcwOYbfh7MU68nyt2ZplgRFktqAcCu6Awm+/CdYwVJCi95ZhPrL1
xioPcXpiETgPRhdlbA4/lFLvy5J7ne5u5dlmn9y4ieNrbqrtwCbC9G+j4kPmdTsn
7MDr5HO/7Bt5W1zU6C+0ZxV0b8bu/MAIBdCWPvtoi5mkniLVgyhyuw9dtfvRTDtN
lXr+JbIRmhZEXAvrAv2eTQTRag47BHC/2NhoqVpdtlRnMExZKwpNdUOGpzAwVdQB
FaH7b4kdaeckmfPpeE1E9LHB8at/kXZw17IhbhmxzlRTwuLDDTAvagivuzYB01jL
ASbvIZpGmj3haY4y/ti26DRX9mgnmNOiYyedd7F7JjMQbT0FQWZRthJXPKIZffW3
us2tKbcUTC4=
=0UIZ
- -----END PGP SIGNATURE-----
- --------------------------END INCLUDED TEXT--------------------
You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.
NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members. As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.
NOTE: This is only the original release of the security bulletin. It may
not be updated when updates to the original are made. If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.
Contact information for the authors of the original document is included
in the Security Bulletin above. If you have any questions or need further
information, please contact them directly.
Previous advisories and external security bulletins can be retrieved from:
https://www.auscert.org.au/bulletins/
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert@auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQIVAwUBXqkGIWaOgq3Tt24GAQi7ghAAmEWQtcX2XKSdBoCI5cKnweb48NWikRbS
dH6rcO9371xCxCKGRPaGIS9w3m3wK7vSMQFHemgp7107CnlCy8we9yeZrd2pFrJt
9pyHRVm0YlX+1y4SK2awGzZXIv4dyJNPKDPUZe68R17u6CKVAEz5Q+2IEPy21yVw
s7N5U2tJsDsPAeAytJM7TDF6edLdPQ0yLqtJGkxhENT7isF9/bavk1DxxtpD638c
Y5nwME15EKcxJnHEYDy5BVbrS8ZDfTKbOTHxwOkNHYMKerfXnNGV1lIf/I3YfDMI
o8TFJ97M2yma2MHDhk6CwLoVxIels5qCH5io5m6Sa9t5lpCQEYsNc57I7XfXKzXD
bP61m4lPacaXe8R2z1GRTzIkUis117lWeR1zlxUL8Cy0AkjotfbOmsO1RyCLbJ6i
4AHNvm7T72z9pCZxxnoBCE4LWHr7VgbdmYnNO8A9r1gcert3jicONPhuM5F1v1e/
axNwQtZxY5IyAjdDeftc9GmtJV9Wm7BMXQXJ36hscsflRx5ucXqAq11r+gZ5xwkF
Drmu+OKhG9S2TDrRrhxQ4bArr2a8ownupCTRgrYM/6p6Mbpc12xXnEvU8wrrjVvH
xj8/qLfN0d5UexY/bFRYe3tHF2JQJE6tU5WN6RCqmDnrU5KLL0heWmnOdUwrH0/X
+P7r2yYGf2I=
=B1kO
-----END PGP SIGNATURE-----